|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
From: X-Force (xforce_at_iss.net)
Date: Mon Jul 29 2002 - 12:55:04 CDT
TO UNSUBSCRIBE: email "unsubscribe alert" in the body of your message to
majordomo
iss.net Contact alert-owneriss.net for help with any problems!
---------------------------------------------------------------------------
-----BEGIN PGP SIGNED MESSAGE-----
Internet Security Systems Security Alert Summary AS02-30
July 29, 2002
X-Force Vulnerability and Threat Database:
http://www.iss.net/security_center
To receive these Alert Summaries, as well as other Alerts and
Advisories, subscribe to the Internet Security Systems Alert
mailing list at:
http://www.iss.net/security_center/maillists
This summary is available at the following address:
http://www.iss.net/security_center/alerts/AS02-30.php
_____
Contents:
* 54 Reported Vulnerabilities
* Risk Factor Key
_____
Date Reported: 07/17/2002
Brief Description: Linux dump flock() /etc/dumpdates denial of service
Risk Factor: Low
Attack Type: Host Based
Platforms: FreeBSD All versions, Linux All versions, NetBSD
All versions, OpenBSD All versions
Vulnerability: dump-flock-dumpdates-dos
X-Force URL: http://www.iss.net/security_center/static/9632.php
Date Reported: 07/17/2002
Brief Description: Linux tip flock() /var/log/acculog denial of
service
Risk Factor: Low
Attack Type: Host Based
Platforms: FreeBSD All versions, Linux All versions, NetBSD
All versions, OpenBSD All versions
Vulnerability: tip-flock-acculog-dos
X-Force URL: http://www.iss.net/security_center/static/9633.php
Date Reported: 07/19/2002
Brief Description: Adobe eBook Reader could allow an attacker to
bypass copy, print, and lend limitations
Risk Factor: Low
Attack Type: Host Based
Platforms: eBook Reader 2.2, Windows All versions
Vulnerability: adobe-ebook-bypass-restrictions
X-Force URL: http://www.iss.net/security_center/static/9634.php
Date Reported: 07/22/2002
Brief Description: PHP multipart/form-data POST handler buffer
overflow
Risk Factor: High
Attack Type: Host Based / Network Based
Platforms: Linux All versions, PHP 4.2.0, PHP 4.2.1, Unix All
versions, Windows All versions
Vulnerability: php-multipart-handler-bo
X-Force URL: http://www.iss.net/security_center/static/9635.php
Date Reported: 07/15/2002
Brief Description: FuseTalk search results page cross-site scripting
Risk Factor: High
Attack Type: Network Based
Platforms: FuseTalk 2.0, FuseTalk 3.0, Linux All versions,
Unix All versions, Windows All versions
Vulnerability: fusetalk-search-xss
X-Force URL: http://www.iss.net/security_center/static/9637.php
Date Reported: 07/19/2002
Brief Description: Geeklog HTML attributes cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: Geeklog 1.3.5sr1 and earlier, Linux All versions,
Windows All versions
Vulnerability: geeklog-html-attribute-xss
X-Force URL: http://www.iss.net/security_center/static/9638.php
Date Reported: 07/19/2002
Brief Description: Geeklog CRLF injection in email headers could
reveal recipient's addresses
Risk Factor: Low
Attack Type: Network Based
Platforms: Geeklog 1.3.5sr1 and earlier, Linux All versions,
Windows All versions
Vulnerability: geeklog-email-crlf-injection
X-Force URL: http://www.iss.net/security_center/static/9639.php
Date Reported: 07/19/2002
Brief Description: HP Tru64 UNIX /bin/su buffer overflow
Risk Factor: High
Attack Type: Host Based
Platforms: Tru64 UNIX 5.0, Tru64 UNIX 5.0a, Tru64 UNIX 5.1,
Tru64 UNIX 5.1a
Vulnerability: tru64-su-bo
X-Force URL: http://www.iss.net/security_center/static/9640.php
Date Reported: 07/19/2002
Brief Description: BadBlue 302 response cross-site scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: BadBlue Enterprise Edition 1.7, BadBlue Enterprise
Edition 1.7.2, BadBlue Enterprise Edition 1.7.3,
BadBlue Enterprise Edition 1.7.4, BadBlue Personal
Edition 1.7, BadBlue Personal Edition 1.7.2,
BadBlue Personal Edition 1.7.3, BadBlue Personal
Edition 1.7.4, Windows All versions
Vulnerability: badblue-302-xss
X-Force URL: http://www.iss.net/security_center/static/9641.php
Date Reported: 07/20/2002
Brief Description: BadBlue malicious HTTP POST request allows an
attacker to gain unauthorized administrative access
Risk Factor: High
Attack Type: Network Based
Platforms: BadBlue Enterprise Edition 1.7, BadBlue Enterprise
Edition 1.7.2, BadBlue Enterprise Edition 1.7.3,
BadBlue Enterprise Edition 1.7.4, Windows All
versions
Vulnerability: badblue-unauth-admin-access
X-Force URL: http://www.iss.net/security_center/static/9642.php
Date Reported: 07/19/2002
Brief Description: Microsoft Outlook Express malformed MIME headers
could allow file type, size, and icon spoofing
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 5.01, Microsoft
Internet Explorer 5.5, Microsoft Outlook Express
5.0, Microsoft Outlook Express 5.5, Microsoft
Outlook Express 6.0, Windows 95, Windows 98,
Windows 98 Second Edition, Windows 2000 Workstation
All versions, Windows NT 4.0
Vulnerability: outlook-express-attachment-spoofing
X-Force URL: http://www.iss.net/security_center/static/9643.php
Date Reported: 07/22/2002
Brief Description: BenHur Firewall could allow an attacker to scan
"protected" ports and gain sensitive information
Risk Factor: Low
Attack Type: Network Based
Platforms: BenHur Firewall R3 update 066 fix 2, Linux All
versions
Vulnerability: benhur-protected-port-scan
X-Force URL: http://www.iss.net/security_center/static/9644.php
Date Reported: 07/20/2002
Brief Description: Netscape Communicator META refresh denial of
service
Risk Factor: Low
Attack Type: Network Based
Platforms: Netscape 6.2.1, Windows All versions
Vulnerability: netscape-meta-refresh-dos
X-Force URL: http://www.iss.net/security_center/static/9645.php
Date Reported: 07/20/2002
Brief Description: /php/php.exe request without an argument could
cause a denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Apache HTTP Server All versions, Linux All
versions, PHP All versions, Windows All versions
Vulnerability: php-no-argument-dos
X-Force URL: http://www.iss.net/security_center/static/9646.php
Date Reported: 07/22/2002
Brief Description: Pablo FTP Server LIST "dot dot" directory traversal
Risk Factor: Medium
Attack Type: Network Based
Platforms: Pablo's FTP Server 1.0 Build 9, Windows All
versions
Vulnerability: pablo-ftp-directory-traversal
X-Force URL: http://www.iss.net/security_center/static/9647.php
Date Reported: 07/22/2002
Brief Description: ClickCartPro could allow unauthorized access to the
admin_user.db file
Risk Factor: Medium
Attack Type: Network Based
Platforms: ClickCartPro 4.0, Windows All versions
Vulnerability: clickcartpro-unauth-database-access-access
X-Force URL: http://www.iss.net/security_center/static/9648.php
Date Reported: 07/23/2002
Brief Description: SecureCRT SSH1 protocol identifier string buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: SecureCRT 3.4, SecureCRT 4.0 beta, Windows 2000,
Windows XP, Windows NT 4.0
Vulnerability: securecrt-ssh1-identifier-bo
X-Force URL: http://www.iss.net/security_center/static/9650.php
Date Reported: 07/23/2002
Brief Description: MailMax pop3max daemon USER buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: MailMax 4.8 PE, MailMax 4.8 SE, Windows 2000,
Windows NT 4.0
Vulnerability: mailmax-pop3max-user-bo
X-Force URL: http://www.iss.net/security_center/static/9651.php
Date Reported: 07/22/2002
Brief Description: SSH1 and SSH2 protocol hostkey change "man-in-the-
middle"
Risk Factor: Medium
Attack Type: Network Based
Platforms: BSD All versions, Linux All versions, MacOS X All
versions, OpenSSH All versions, SSH 1.x, SSH 2.x,
Unix All versions, Windows All versions
Vulnerability: ssh-protocol-change-mitm
X-Force URL: http://www.iss.net/security_center/static/9652.php
Date Reported: 07/23/2002
Brief Description: Microsoft Internet Explorer CTRL key could be used
to upload files
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Internet Explorer 6.0, Windows All
versions
Vulnerability: ie-ctrl-file-upload
X-Force URL: http://www.iss.net/security_center/static/9653.php
Date Reported: 07/24/2002
Brief Description: Eudora META refresh .mhtml could be used to execute
files
Risk Factor: High
Attack Type: Network Based
Platforms: Eudora 5.1.1, Windows All versions
Vulnerability: eudora-mhtml-execute-files
X-Force URL: http://www.iss.net/security_center/static/9654.php
Date Reported: 07/24/2002
Brief Description: ZyXEL Prestige 642R "jolt" denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: ZyNOS 2.5(FA.1) and prior, ZyXEL Prestige 642R
Vulnerability: zyxel-jolt-dos
X-Force URL: http://www.iss.net/security_center/static/9655.php
Date Reported: 07/24/2002
Brief Description: Mozilla JavaScript:// URLs could be used to steal
cookies
Risk Factor: Medium
Attack Type: Network Based
Platforms: Linux All versions, MacOS 8.0, MacOS 9.0, MacOS X
All versions, Mozilla 1.0 and earlier, Windows All
versions
Vulnerability: mozilla-javascript-steal-cookies
X-Force URL: http://www.iss.net/security_center/static/9656.php
Date Reported: 07/24/2002
Brief Description: Microsoft Metadirectory Services (MMS) could allow
unauthorized access to the data repository
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft Metadirectory Services 2.2, Windows 2000,
Windows NT
Vulnerability: mms-data-repository-access
X-Force URL: http://www.iss.net/security_center/static/9657.php
Date Reported: 07/24/2002
Brief Description: Microsoft Exchange Server Internet Mail Connector
(IMC) EHLO buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft Exchange 5.5, Windows 2000, Windows NT
Vulnerability: exchange-imc-ehlo-bo
X-Force URL: http://www.iss.net/security_center/static/9658.php
Date Reported: 07/24/2002
Brief Description: Microsoft SQL Server Database Consistency Checker
(DBCC) utilities have multiple buffer overflows
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft MSDE 2000, Microsoft SQL Server 2000,
Windows 2000, Windows NT
Vulnerability: mssql-dbcc-bo
X-Force URL: http://www.iss.net/security_center/static/9659.php
Date Reported: 07/24/2002
Brief Description: Microsoft SQL Server replication stored procedures
are vulnerable to SQL Injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: Microsoft MSDE 2000, Microsoft SQL Server 2000,
Windows 2000, Windows NT
Vulnerability: mssql-replication-sql-injection
X-Force URL: http://www.iss.net/security_center/static/9660.php
Date Reported: 07/24/2002
Brief Description: Microsoft SQL Server Resolution Service buffer
overflows
Risk Factor: High
Attack Type: Network Based
Platforms: Microsoft SQL Server 2000, Windows 2000, Windows NT
Vulnerability: mssql-resolution-service-bo
X-Force URL: http://www.iss.net/security_center/static/9661.php
Date Reported: 07/24/2002
Brief Description: Microsoft SQL Server Resolution Service keep-alive
function denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Microsoft SQL Server 2000, Windows 2000, Windows NT
Vulnerability: mssql-resolution-keepalive-dos
X-Force URL: http://www.iss.net/security_center/static/9662.php
Date Reported: 07/24/2002
Brief Description: VMware GSX Server Authorization Service buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: VMware GSX Server 2.0.0 build-2050, Windows 2000,
Windows NT, Windows XP
Vulnerability: vmware-gsx-auth-bo
X-Force URL: http://www.iss.net/security_center/static/9663.php
Date Reported: 07/15/2002
Brief Description: Sun PC NetLink shared file backup and restore could
reset Access Control List (ACL) permissions
Risk Factor: Medium
Attack Type: Host Based
Platforms: Sun PC NetLink 1.x, Windows All versions
Vulnerability: sun-pcnetlink-acl-permissions
X-Force URL: http://www.iss.net/security_center/static/9665.php
Date Reported: 07/24/2002
Brief Description: Pine MIME encoded blank boundary denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Linux All versions, Pine All versions, Unix All
versions
Vulnerability: pine-blank-boundary-dos
X-Force URL: http://www.iss.net/security_center/static/9668.php
Date Reported: 07/24/2002
Brief Description: Cobalt Qube specially-crafted cookie could allow
administrative access
Risk Factor: Medium
Attack Type: Host Based / Network Based
Platforms: Cobalt Qube 3
Vulnerability: cobalt-qube-admin-access
X-Force URL: http://www.iss.net/security_center/static/9669.php
Date Reported: 07/24/2002
Brief Description: MacOS X iDisk password could be transmitted in
plain text
Risk Factor: Low
Attack Type: Network Based
Platforms: MacOS X All versions
Vulnerability: macos-idisk-insecure-password
X-Force URL: http://www.iss.net/security_center/static/9670.php
Date Reported: 07/25/2002
Brief Description: Novell GroupWise long RCPT buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Novell GroupWise 6.0.1 SP1, Novell NetWare 5.1
Vulnerability: groupwise-rcpt-bo
X-Force URL: http://www.iss.net/security_center/static/9671.php
Date Reported: 07/25/2002
Brief Description: KaZaA Media Desktop large message denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: KaZaA Media Desktop 1.7.1, Windows 2000, Windows
95, Windows 98, Windows NT
Vulnerability: kazaa-large-msg-dos
X-Force URL: http://www.iss.net/security_center/static/9672.php
Date Reported: 07/24/2002
Brief Description: Pegasus Mail message header buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Pegasus Mail 4.01, Windows All versions
Vulnerability: pegasus-message-header-bo
X-Force URL: http://www.iss.net/security_center/static/9673.php
Date Reported: 07/24/2002
Brief Description: CacheOS unresolved hostname error cross-site
scripting
Risk Factor: Medium
Attack Type: Network Based
Platforms: CacheOS 4.1.06 and earlier
Vulnerability: cacheos-unresolved-error-xss
X-Force URL: http://www.iss.net/security_center/static/9674.php
Date Reported: 07/22/2002
Brief Description: Sun Fire Environmental Monitoring Subsystem denial
of service
Risk Factor: Low
Attack Type: Host Based
Platforms: Solaris 8, Sun Fire 280R/V880/V480
Vulnerability: sun-fire-subsystem-dos
X-Force URL: http://www.iss.net/security_center/static/9675.php
Date Reported: 07/24/2002
Brief Description: Linux kernel ifconfig could fail to show that a
network interface is in promiscuous mode
Risk Factor: Medium
Attack Type: Host Based
Platforms: Linux kernel 2.2.x, Linux kernel 2.4.x
Vulnerability: linux-ifconfig-promiscuous-mode
X-Force URL: http://www.iss.net/security_center/static/9676.php
Date Reported: 07/24/2002
Brief Description: ICQ emoticons denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: ICQ 2001b All versions, ICQ 2002a All versions, ICQ
2002b All versions, Windows All versions
Vulnerability: icq-emoticons-dos
X-Force URL: http://www.iss.net/security_center/static/9677.php
Date Reported: 07/25/2002
Brief Description: StatsPlus stat.pl allows script injection
Risk Factor: Medium
Attack Type: Network Based
Platforms: StatsPlus 1.25, Unix All versions, Windows All
versions
Vulnerability: statsplus-stat-script-injection
X-Force URL: http://www.iss.net/security_center/static/9678.php
Date Reported: 07/26/2002
Brief Description: Ipswitch IMail Web Messaging daemon buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: IMail Server 7.11 and earlier, Windows 2000,
Windows NT
Vulnerability: imail-web-messaging-bo
X-Force URL: http://www.iss.net/security_center/static/9679.php
Date Reported: 07/25/2002
Brief Description: W3Mail MIME attachment known location could allow
an attacker to execute code
Risk Factor: Medium
Attack Type: Network Based
Platforms: Unix All versions, W3Mail 1.0.3 and earlier
Vulnerability: w3mail-mime-attachment-execution
X-Force URL: http://www.iss.net/security_center/static/9680.php
Date Reported: 07/23/2002
Brief Description: DansGuardian specially-crafted URL could allow an
attacker to bypass filtering
Risk Factor: Medium
Attack Type: Network Based
Platforms: DansGuardian prior to 2.4.5-1, Linux All versions,
Unix All versions
Vulnerability: dansguardian-url-bypass-filtering
X-Force URL: http://www.iss.net/security_center/static/9681.php
Date Reported: 07/26/2002
Brief Description: Jana Server HTTP GET request logging buffer
overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-http-logging-bo
X-Force URL: http://www.iss.net/security_center/static/9682.php
Date Reported: 07/26/2002
Brief Description: Jana Server HTTP GET proxy buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-http-proxy-bo
X-Force URL: http://www.iss.net/security_center/static/9683.php
Date Reported: 07/26/2002
Brief Description: Jana Server SOCKS5 Username/Password/Hostname
buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-socks5-bo
X-Force URL: http://www.iss.net/security_center/static/9684.php
Date Reported: 07/26/2002
Brief Description: Jana Server POP3 reply logging buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-pop3-logging-bo
X-Force URL: http://www.iss.net/security_center/static/9685.php
Date Reported: 07/26/2002
Brief Description: Jana Server SMTP reply logging buffer overflow
Risk Factor: High
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-smtp-logging-bo
X-Force URL: http://www.iss.net/security_center/static/9686.php
Date Reported: 07/26/2002
Brief Description: Jana Server FTP PASV command denial of service
Risk Factor: Low
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-ftp-pasv-dos
X-Force URL: http://www.iss.net/security_center/static/9687.php
Date Reported: 07/26/2002
Brief Description: Jana Server POP3 username/password brute force
Risk Factor: Low
Attack Type: Network Based
Platforms: Jana Server 2.2.1 and earlier, Windows All versions
Vulnerability: jana-pop3-bruteforce
X-Force URL: http://www.iss.net/security_center/static/9688.php
Date Reported: 07/26/2002
Brief Description: Jana Server POP3 message index buffer overflow
Risk Factor: Low
Attack Type: Network Based
Platforms: Jana Server 1.46 and earlier, Windows All versions
Vulnerability: jana-pop3-index-bo
X-Force URL: http://www.iss.net/security_center/static/9689.php
Date Reported: 07/25/2002
Brief Description: PGP Passphrase Cache does not reset
Risk Factor: Low
Attack Type: Host Based
Platforms: PGP 7.0.4, PGP 7.1, Unix All versions, Windows All
versions
Vulnerability: pgp-passphrase-cache
X-Force URL: http://www.iss.net/security_center/static/9690.php
_____
Risk Factor Key:
High Any vulnerability that provides an attacker with immediate
access into a machine, gains superuser access, or bypasses
a firewall. Example: A vulnerable Sendmail 8.6.5 version
that allows an intruder to execute commands on mail server.
Medium Any vulnerability that provides information that has a high
potential of giving system access to an intruder. Example:
A misconfigured TFTP or vulnerable NIS server that allows
an intruder to get the password file that could contain an
account with a guessable password.
Low Any vulnerability that provides information that could
potentially lead to a compromise. Example: A finger that
allows an intruder to find out who is online and potential
accounts to attempt to crack passwords via brute force
methods.
______
About Internet Security Systems (ISS)
Founded in 1994, Internet Security Systems (ISS) (Nasdaq: ISSX) is a
pioneer and world leader in software and services that protect critical
online resources from an ever-changing spectrum of threats and misuse.
Internet Security Systems is headquartered in Atlanta, GA, with
additional operations throughout the Americas, Asia, Australia, Europe
and the Middle East.
Copyright (c) 2002 Internet Security Systems, Inc. All rights reserved
worldwide.
Permission is hereby granted for the electronic redistribution of this
document. It is not to be edited or altered in any way without the
express written consent of the Internet Security Systems X-Force. If you
wish to reprint the whole or any part of this document in any other
medium excluding electronic media, please email xforceiss.net for
permission.
Disclaimer: The information within this paper may change without notice. Internet
Security Systems provides this information on an AS IS basis with NO warranties,
implied or otherwise. Any use of this information is at the user’s risk. In no event
shall Internet Security Systems be held liable for any damages whatsoever arising
out of or in connection with the use or dissemination of this information.
X-Force PGP Key available on MIT's PGP key server and PGP.com's key server,
as well as at http://www.iss.net/security_center/sensitive.php
Please send suggestions, updates, and comments to: X-Force
xforceiss.net of Internet Security Systems, Inc.
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBPUVikTRfJiV99eG9AQGREwQAigpaz0Mfg3/prdykyv76q93+dWYVVsOT
3YYx7uO7Lkmh4R2oljfTPG05HXN094V5CyK3o+Ab4D7Gnc7xFHHBatkvEehtwTea
ac4wyxQbk8fZ83i2KnORU6cvI9e/gn+KnvaUP04Y6l0gSiaCD71qCRvi+0SIAqlG
lyz4AbynzHc=
=hW1V
-----END PGP SIGNATURE-----
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]